APC Data Management Flashcards
Where would you find GDPR Regulations?
o Data Protection Act 2018
What are GDPR Regulations?
o Establish the general obligations of data controllers and processors.
o Must implement security measures according to the data risk involved in the work.
o 4 key components –
Fair and lawful processing
Purpose limitation
Data minimisation
Data retention
o Need to have a Data Protection Officer in a business.
o Penalties for breaches – up to £17.5mil or 4% annual global turnover.
How does your employer manage data?
o Via a centralised DMS and for estates issues via PMS and CMS, and use of data labels in different categories dependent on sharing rights.
o SSO software is in use to prevent unauthorised access, and this is supported by a secondary layer of ID confirmation via a location confirmation app.
o Regularly updated Information Security Policies, Standards and Procedures.
Clear Desk Policy
Information Classification Policy
Acceptable Use Policy
Security Incident Response Policy.
What is competition law?
o Governed by Competition Law Act 1998 to regulate competition in UK markets.
o Ensures a fair marketplace for consumers and producers.
o Prohibits unethical practices designed to consolidate greater market share than reasonable.
o Promotes healthy competition.
How does your employer protect data?
o Have a Clean Team who are responsible for the labelling of data as well as act as the report function for possible breaches. They are experts in this field and ensure material adherence to our obligations.
o Any potential breaches or near misses have to be reported to investigation and resolution.
o As a REM I am not able to view site specific data for sites agreed under MSAs. This is labelled as pink data, and so if I see the tag on a site file within the PMS I inform the requester that I cannot undertake the service required due to data sensitivity and pass onto the Clean Team for analysis and direction.
How does your employer protect data?
o Have a Clean Team who are responsible for the labelling of data as well as act as the report function for possible breaches. They are experts in this field and ensure material adherence to our obligations.
o Any potential breaches or near misses have to be reported to investigation and resolution.
o As a REM I am not able to view site specific data for sites agreed under MSAs. This is labelled as pk data, and so if I see the tag on a site file within the PMS I inform the requester that I cannot undertake the service required due to data sensitivity and pass onto the Clean Team for analysis and direction.
EXAMPLE
Slide deck
What are the 7 principles of data management?
fairness, lawfulness, minimisation, purpose, accuracy, security, accountability.
What is FOIA?
Freedom of Information Act 2000
Creates a public right to have access to data relating to public authority activities.
What is BIM?
Building Information Modelling
What are the four levels of BIM?
Level 0 - little to no data
Level 1 - simple data available (CAD)
Level 2 - commonality in data and BIM model available.
Level 3 - cohesive full modelling of asset lifecycle.
Open BIM - ultimate goal, universal.
Level 2 is a requirement for all public sector contracts.
What is 4Projects?
cloud based construction management tool.
SAAS - software as a service.
Used to promote collaboration across various parties involved in project lifecycle.
What’s a digital twin?
virtual model of a physical asset.
Used to reduce site visits/enable more detailed interrogation of capacity (i.e. loading or wind bearing).
Regulators for competition law in telecoms?
CMA - Competition and Markets Authority
OFCOM - communications regulator
Penalties for breaching competition law?
fine of up to 10% gat.
prosecution.
loss of contracts and damages associated.